The online whiteboard of Kristofer Palmvik

5 links collected from chloe.re in 2016

Sorting: Oldest links first
Domain: chloe.re

2016

2016-07-07 chloe.re
Hardening Content Security Policy (CSP)
CSP is a great invention, but it can still be implemented poorly and not give its purposed protection. Even more can CSP protect against more than just XSS if you customize the policy accordingly to your websites attack surface.
2016-08-08 chloe.re
Increase security by enforcing multiple Content Security Policies
It’s of much importance that you have a policy in both your response headers and in your HTML
2016-09-01 chloe.re
More control with Clear-Site-Data and Feature-Policy
This article will shortly describe two new headers. We will discuss their functionality, how they can protect the user and finally some considerations.
2016-09-27 chloe.re
I don't trust your browser - Fight those who fight you
Note that a fight against a browser is practically impossible to win and these methods are nothing more than a second layer of security that only may help. However, many (most) of the extensions don’t know about these methods so they don’t have a workaround. I would still say that these methods are highly recommended and should be considered as best practice.
2016-12-05 chloe.re
Dealing with user uploaded files
Reduce the attack vector greatly by limiting the permissions an evil crafted submitted file from a hacker have

» More links from 2016

↑ Back to top